dissect.target.plugins.filesystem.unix.suid
¶
Module Contents¶
Classes¶
Unix SUID binary plugin. |
Attributes¶
- dissect.target.plugins.filesystem.unix.suid.SuidRecord¶
- class dissect.target.plugins.filesystem.unix.suid.SuidPlugin(target: dissect.target.Target)¶
Bases:
dissect.target.plugin.Plugin
Unix SUID binary plugin.
- check_compatible() None ¶
Perform a compatibility check with the target.
This function should return
None
if the plugin is compatible with the current target (self.target
). For example, check if a certain file exists. Otherwise it should raise anUnsupportedPluginError
.- Raises:
UnsupportedPluginError – If the plugin could not be loaded.
- suid_binaries() Iterator[SuidRecord] ¶
Return all SUID binaries.
A SUID binary allows all users to run it with the permissions of its owner. This means that a SUID binary owned by the root user can be run with root privileges by any user. Such binaries can be leveraged by an adversary to perform privilege escalation.
References